
The GDPR Incident Response Plan How to Help your Business Survive a Cyber-Attack

Uploaded by truongkhanh, posted on 04-Jun-2018


32% OF HACKERS SAY accessing privileged accounts was the number one choice for the easiest and fastest way to get at sensitive data.

HACKERS TARGET YOU: Personally Identifiable Information (PII)

• Full name (if not common)
• Home address
• Email address
• National identification number
• Passport number
• IP address or MAC address
• Vehicle registration plate number
• Biometric information
• Driver's license number
• Face, fingerprints, or handwriting
• Credit card numbers
• Digital identity
• Date of birth
• Birthplace
• Genetic information
• Telephone number
• Login name, screen name, nicknames

EU General Data Protection Regulation

Here’s what you need to know now!

EC DATA PROTECTION REGULATION

The EU General Data Protection Regulation is intended to strengthen and unify data protection for individuals within the EU. It:

• Addresses export of personal data outside the EU.

• Gives citizens back control of their personal data.

• Simplifies the regulatory environment for international business by unifying the regulation within the EU.

• Replaces the Data Protection Directive (officially Directive 95/46/EC) from 1995.

DATA PROTECTION PRINCIPLES – ARTICLE 5

• Adequate, relevant & not excessive

• Fairly and lawfully processed

• Obtained only for specified purposes

• Accurate and up-to-date

• Processed in line with the rights afforded to individuals

• Not kept for longer than necessary

• Not transferred to countries outside the EEA without adequate protection

• Accountability

• Kept Secure

• Consent

• Data Protection Officer

• Data Breaches – 72 hours

• Legal obligation to notify without undue delay

• Data Portability

• Right to Erasure

• Joint liability for cloud

• Sanctions for failure to comply

EU GDPR EXECUTIVE SUMMARY

Are you collecting or processing PII of EU citizens? (The categories of PII are listed above.)

Where is the Personally Identifiable Information (PII) stored?

• Application
• Unix Server
• Windows Server
• Database
• Network Device
• Workstation

PRIVILEGED ACCOUNTS & WHAT THREATS DO THEY POSE?

• Non-human accounts used by IT staff which often have unfettered access to critical data and systems, e.g. Domain Admin, root.

• Exist everywhere, in nearly every connected device, server, hypervisor, OS, DB, or application: on-premises and cloud.

• Represent one of the most vulnerable aspects of an organization's IT infrastructure.

Threats posed by compromised privileged accounts:

• Malware
• Ransomware
• Sensitive data loss
• Insider attacks and data leaks
• Data poisoning
• Service disruption
• Financial fraud

DATA PROTECTION PRINCIPLES: MUST PROTECT PRIVILEGED ACCOUNTS

[Diagram: Protecting and Securing Privileged Accounts. Labels: EU Citizens' Personal Data (PII); Privileged Accounts; Privileged Account Management (PAM) – Monitor, Audit, Control. Actors: Ext. User, Int. User, Attacker, Active Directory Admin. Systems: Application, Unix Server, Windows Server, Database, Network Device, Workstation.]

What can you do to be Prepared, Survive and stay Compliant?

WHEN?

• It will happen.

• When will you find it?

Most frequently, you will be told of the breach by an outsider:

• Law Enforcement (41%)

• Third parties, including customers (35%)

Incident Response Checklist

• Ownership

• Communications

• Contact List

• Clear definition of threat:

1. Confidentiality – Data Loss

2. Integrity – Data Poisoning

3. Availability – DDoS

• In-house capability and 3rd-party responsibility

• Containment (Evidence)

• Press Statement

• Legal Assessment

• Eradication

• Recovery

• Lessons Learned

Is the boardroom prepared?

• Ownership – Defined Roles

• Communications and PR

• Contact List

• Cyber Awareness

• Red Team Exercise

• Press Statement

Help from authorities is easier if you already have some relationships with the right people.

• What is the financial risk impact?

• Do you know how to get and transfer bitcoins?

Is the support team trained and prepared?

ADD MULTI-FACTOR TO SENSITIVE ACCOUNTS

AUDIT ALL PRIVILEGED ACCESS
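As an added illustration of what "audit all privileged access" means in practice (this is example code written for this page, not part of the original slides or of Thycotic's product), the script below parses a handful of constructed, syslog-style logon records, keeps every logon by an account on a privileged-account inventory, and flags the ones that did not come from the expected admin jump-host range. The line format, the account list and the 10.10.0.x source range are all assumptions made for the example.

```python
"""Minimal privileged-access audit over constructed log lines.

Added example, not part of the original slide deck or any vendor product.
Assumed line format (constructed for this example):
    <ISO timestamp> <host> user=<account> action=<verb> src=<ip>
"""
import re
from collections import Counter

# Accounts treated as privileged (constructed list; a real deployment
# would feed this from the directory / PAM inventory).
PRIVILEGED_ACCOUNTS = {"root", "Administrator", "DOMAIN\\domainadmin"}

# Source prefixes from which admin logons are expected (assumed jump hosts).
EXPECTED_ADMIN_SOURCES = ("10.10.0.",)

LINE_RE = re.compile(
    r"^(?P<ts>\S+) (?P<host>\S+) user=(?P<user>\S+) "
    r"action=(?P<action>\S+) src=(?P<src>\S+)$"
)

# Constructed sample log lines, not captured from any real system.
SAMPLE_LOG = """\
2018-06-04T08:01:12Z unix01 user=alice action=login src=10.20.3.4
2018-06-04T08:02:40Z unix01 user=root action=login src=10.10.0.5
2018-06-04T08:05:01Z win02 user=Administrator action=login src=203.0.113.7
2018-06-04T08:06:15Z db01 user=root action=login src=10.10.0.5
2018-06-04T08:07:30Z db01 user=root action=login src=198.51.100.9
2018-06-04T08:09:00Z win02 user=DOMAIN\\domainadmin action=login src=10.10.0.6
"""


def parse_line(line):
    """Return the fields of one log line as a dict, or None if it does not parse."""
    m = LINE_RE.match(line)
    return m.groupdict() if m else None


def audit(log_text):
    """Return (events, alerts): every privileged logon found in the text, and
    the subset whose source address is outside the expected admin range."""
    events, alerts = [], []
    for raw in log_text.splitlines():
        ev = parse_line(raw)
        if ev is None or ev["user"] not in PRIVILEGED_ACCOUNTS:
            continue
        events.append(ev)
        if not ev["src"].startswith(EXPECTED_ADMIN_SOURCES):
            alerts.append(ev)
    return events, alerts


def summarize(events):
    """Count privileged logons per (account, host) pair for the audit report."""
    return Counter((ev["user"], ev["host"]) for ev in events)


if __name__ == "__main__":
    events, alerts = audit(SAMPLE_LOG)
    print("privileged logons per account/host:")
    for (user, host), n in sorted(summarize(events).items()):
        print(f"  {user:<22} {host:<8} {n}")
    print("logons from unexpected sources:")
    for ev in alerts:
        print(f"  {ev['ts']} {ev['user']}@{ev['host']} from {ev['src']}")
```

On the constructed input this reports five privileged logons and two alerts (the Administrator logon from 203.0.113.7 and the root logon to db01 from 198.51.100.9); the per-account/host counts are the kind of evidence an auditor or a breach-notification assessment would ask for.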

Are you ready to take the responsibility?

20% of Forbes 50

10% of Forbes Global 2000

4 of top 5 in Software**

**Based on Forbes Global 2000 classification

Finalist, Best Customer Service

Who is Thycotic? Thycotic prevents cyber attacks with multiple layers of security.

7,500 customers around the world from Fortune 5 to mid-market to small IT departments.

Headquarters in Washington, DC. Offices in London and Sydney. Established in 1996.

Rated top in class for customer satisfaction*.

*Forrester Research independent survey.

20 Most Promising Enterprise Security Companies 2016

5/5 STARS – SC Magazine

Honoree, 2013, 2014, 2015, 2016

2014 Finalist, Security and Compliance

2016 Finalist, Security

QUESTIONS